RSS

How-To Geek

Every so often, we hear about a new and horrible virus spreading across the internet, infecting millions of Windows computers. Today we’ll show you the steps to remove those threats and (hopefully) prevent them from happening in the future.

Note: The latest horrible virus is set to hit on April 1st, 2009. It’s called Conficker, and we’ll explain how to make sure you are safe.

Whenever an outbreak happens, you should take the following steps:

Run the Microsoft Windows Malicious Software Removal Tool.

Run the McAfee Stinger Tool (optional)

Make sure you are using Updated Anti-Virus Software.

Make sure Windows Updates are turned on.

Get Notified for Microsoft Security Alerts.

We aren’t talking about regular viruses… your anti-virus software can handle those. We’re talking about the terrible viruses that will crash your computer, steal your information, delete the pictures of your kids – and cause your computer to be remotely controlled by a spammer. Bad stuff, but they can usually be prevented.

Run the Microsoft Windows Malicious Software Removal Tool

The first step in detecting and removing horrible viruses and worms from your computer is to run Microsoft’s own Malicious Software Removal Tool – it’s not a replacement for anti-virus, but it’s the best way to get rid of some of the worst offenders, like the current Conficker worm.

To run the tool, you simply need to download the file from Microsoft and run it. There’s no installer required.

If you were affected, the tool would remove the virus and alert you. Since we’re thankfully safe, we got the friendly message that no malicious software was detected. You can click the “View detailed results of the scan” to see more information.

By scrolling down in the list, you can find the current threat and make sure that you are not infected.

The tool should be updated automatically through Windows Update, but you can always just download it directly as well. This is an important tool to keep around.

Run the McAfee Stinger Tool (optional)

An alternative tool is the McAfee Stinger tool, which is a freeware tool that removes only the worst viruses from your computer. You can check to make sure that Stinger can remove the current virus problem by checking the List Viruses dialog… make sure you have the latest version of Stinger before you use it.

Simply hit the Scan Now button to do a full scan of your computer, but be warned that this will take a long while.

Once it’s done, you should get a report with the number of clean files.

It’s a simple and rather ugly tool, but it does the job. It’s still not a replacement for real anti-virus though.

Note: We don’t necessarily recommend ClamWin for regular users, because it has no real-time protection. It’s just what I have installed on this computer and I needed a screenshot.

Make sure Windows Updates are turned on

Now we arrive at the most important step: making sure that Windows is fully patched and Windows Updates is enabled. You can’t protect yourself against worms and hackers if you are running a woefully out-of-date version of Windows that isn’t patched. It just won’t work.

Open up Windows Updates, make sure to click “Check for updates” and install every security patch they recommend. Then click the Change settings link…

And make sure you have it set to check for updates automatically, and installing updates automatically isn’t a bad option. Just remember, if you are running an un-patched system, you are leaving yourself open for all sorts of bad things.

Note: Please pardon the alarmist nature of this point, but patching is the #1 key to keeping safe against internet worms.

Get Notified for Microsoft Security Alerts

If you really want to make sure you are secure, you can sign up for alerts from Microsoft whenever there is an important patch that needs to be installed. You can also check the current security bulletins at any time by visiting their security bulletin home page.

So now we get right down to it… how do you know if you are vulnerable to one of the security holes? As an example, we’ll look at the security hole that leaves you vulnerable to the Conficker worm: Vulnerability in Server Service Could Allow Remote Code Execution. If you look through the list of downloads, you’ll see the particular patch for your system.

If Windows update says that you are up to date, you can check for a particular patch by clicking on “View update history” on the left-hand side.

This will take you to a long list of every update that has been installed. Look through the list, and you should see the update mentioned in the security bulletin… for me, it was KB958644 for x64-based systems, since I’m running 64-bit Vista.

At the very least it’s a relief to know that you aren’t vulnerable… to the current worm, at least.

Conclusion

These steps are essential in protecting your computer from hackers, worms, and viruses, but they aren’t the only important keys to safety. You should still remain vigilant and use common sense: don’t download files from untrusted sources, use a firewall, and make sure your email provider scans for viruses before you open attachments.

Thanks for noting that – you actually only need to download it and run it from Microsoft’s site. When a new version comes out, Windows update usually prompts you, but you can run it on demand by simply using the downloaded file.

Well… today i got my FIRST-EVER virus infection, and wouldn’t you know, Symantec (latest virus definitions) and Microsoft’s Malicious Software Removal Tool, both reported no infection with a full scan. I had it bad (invoked via iehelper.dll, so i couldn’t run IE, as well as other registry and dll installations) but my co-worker found http://www.malwarebytes.org and their Malwarebyte’s AntiMalware program, and it found 16 different infections sites on my desktop machine. I got this virus simply by opening a local, normally trustworthy web page, and it hit me despite a corporate firewall, Symantec AV, and Windows Defender! The key point is, don’t trust the results of a scan from a single tool, especially if you think you are infected. (And the caveat – only run one tool at a time, so they don’t step on one another’s feet!) I was going to run Avast! next, but it looks like the Malwarebyte tool has cleaned it up. Whew!

What you mentioned is right ,every users PC should be updated with latest updates from Microsoft and mean while their anti-virus and antispywares they are using should be updated.Its all upto pc users to aware about the latest security news.

I have just been alerted that i have trojans malishious viruses @ worms on my laptop & it has blocked me from downloading anything to remove it,also it wont let me run anything! it tells me that its stealing my credit card details! but wants me to enter them to remove these. can any one please help?

Help! My computer (e-machines, Vista 32-bit) got infected and I have been running scans for about 2 wks now and it seems to be getting worse :( I have removed the Trojans viruses and other junk detected with several recommended free downloads from this website such as: Microsoft Removal Tool, Norton Internet Security 2010, Anti-spyware, Malwarebytes Anti-Malware, CCleaner and currently, I am running a full scan with Spyware Terminator. All of these programs have detected and removed critical items etc. but after computer restarts, I have tons of saved documents opening up and I am able to close them but with difficulty. Does anyone have any suggestions on what else I can do to get my PC back to normal? Any other tools I should be using?

DID YOU KNOW?

Lagophthalmos is a medical condition wherein the patient cannot completely close their eyelids (typically as a result of a malfunctioning facial nerve); the most common surgical treatment is to insert tiny plates made of pure gold into the patient’s upper eyelid which provide just enough weight to pull the lid closed.